
4 matches found

RedhatCVE
added 2025/02/05 1:6 a.m., 9 views

CVE-2024-28197

Zitadel is an open source identity management system. Zitadel uses a cookie to identify the user agent browser and its user sessions. Although the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and...

7.5 CVSS, 6.1 AI score, 0.00335 EPSS
Exploits 0, References 1
seebug.org
added 2014/06/06 12:0 a.m., 17 views

A stored XSS in phpok

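Brief description: see title. Details: PHPOK4.0.556 missed the encoding conversion for comments. $content = $this->get("content",'html'); When the type is html: case 'html': $msg = preg_replace($tmp,'',$msg); break; It only filters $tmp = array("//isU","//isU","//isU","//isU","//isU","//isU","//isU","//isU"); which is too weak. When the comment is reviewed, alert can obtain the cookie of users browsing the product, as well as the administrator's cookie during back-end review. Proof of vulnerability:...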

7.1 AI score
Exploits 0
securityvulns
added 2007/08/01 12:0 a.m., 46 views

Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface

Team Intell Security Advisory TISA2007-04: Mambo 4.6.2 CMS - Session fixation Issue in backend Administration interface...

Exploits 0
exploitpack
added 2002/02/04 12:0 a.m., 13 views

Portix-PHP 0.4 - Cookie Manipulation

Portix-PHP 0.4 - Cookie Manipulation source: https://www.securityfocus.com/bid/4041/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP uses non-expiring cookies for session management. It is possible for a malicio...

7.4 AI score
Exploits 0